FEDORA-2024-9a87127dd0
Packages in this update:
mbedtls3.6-3.6.1-1.fc41
Update description:
Update to 3.6.1
Release notes: https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-3.6.1
mbedtls3.6-3.6.1-1.fc41
Update to 3.6.1
Release notes: https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-3.6.1
Transport for London has revealed several digital services are suspended after a cyber-attack last week
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 3.3. The following CVEs are assigned: CVE-2024-45107.
Multiple security issues were discovered in Thunderbird. If a user were
tricked into opening a specially crafted website in a browsing context, an
attacker could potentially exploit these to cause a denial of service,
obtain sensitive information, bypass security restrictions, cross-site
tracing, or execute arbitrary code. (CVE-2024-7521, CVE-2024-7526,
CVE-2024-7527, CVE-2024-7529, CVE-2024-8382)
It was discovered that Thunderbird did not properly manage certain memory
operations when processing graphics shared memory. An attacker could
potentially exploit this issue to escape the sandbox. (CVE-2024-7519)
Irvan Kurniawan discovered that Thunderbird did not properly check an
attribute value in the editor component, leading to an out-of-bounds read
vulnerability. An attacker could possibly use this issue to cause a denial
of service or expose sensitive information. (CVE-2024-7522)
Rob Wu discovered that Thunderbird did not properly check permissions when
creating a StreamFilter. An attacker could possibly use this issue to
modify response body of requests on any site using a web extension.
(CVE-2024-7525)
Nils Bars discovered that Thunderbird contained a type confusion
vulnerability when performing certain property name lookups. An attacker
could potentially exploit this issue to cause a denial of service, or
execute arbitrary code. (CVE-2024-8381)
It was discovered that Thunderbird did not properly manage memory during
garbage collection. An attacker could potentially exploit this issue to
cause a denial of service, or execute arbitrary code. (CVE-2024-8384)
python3.13-3.13.0~rc2-1.fc39
Python 3.13.0rc2
python3.13-3.13.0~rc2-1.fc40
Python 3.13.0rc2
python3.13-3.13.0~rc2-1.fc41
python3-docs-3.13.0~rc2-1.fc41
Python 3.13.0rc2
Security fix for CVE-2024-8088 and CVE-2024-6232
openssl-3.1.4-4.fc39
Patch for CVE-2024-6119
Multiple security issues were discovered in Thunderbird, which could
result in the execution of arbitrary code.
libcoap-4.3.5-6.fc41
Update to 4.3.5 GA